Ensure the previous pages params aren't passed through redirect
This commit is contained in:
parent
ced63f6e5a
commit
14d114ce1d
@ -112,7 +112,7 @@ For example:
|
|||||||
@http_method = http_method
|
@http_method = http_method
|
||||||
@data = data
|
@data = data
|
||||||
|
|
||||||
request_page(response_location, :get, data) if internal_redirect?
|
request_page(response_location, :get, {}) if internal_redirect?
|
||||||
|
|
||||||
return response
|
return response
|
||||||
end
|
end
|
||||||
|
@ -14,11 +14,22 @@ class WebratController < ApplicationController
|
|||||||
end
|
end
|
||||||
|
|
||||||
def internal_redirect
|
def internal_redirect
|
||||||
redirect_to :submit
|
redirect_to submit_path
|
||||||
end
|
end
|
||||||
|
|
||||||
def external_redirect
|
def external_redirect
|
||||||
redirect_to "http://google.com"
|
redirect_to "http://google.com"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def before_redirect_form
|
||||||
|
end
|
||||||
|
|
||||||
|
def redirect_to_show_params
|
||||||
|
redirect_to show_params_path(:custom_param => "123")
|
||||||
|
end
|
||||||
|
|
||||||
|
def show_params
|
||||||
|
render :text => params.to_json
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
@ -0,0 +1,7 @@
|
|||||||
|
<% form_tag redirect_to_show_params_path do %>
|
||||||
|
<label>
|
||||||
|
Text field <%= text_field_tag "text_field" %>
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<%= submit_tag "Test" %>
|
||||||
|
<% end %>
|
@ -4,6 +4,10 @@ ActionController::Routing::Routes.draw do |map|
|
|||||||
webrat.internal_redirect "/internal_redirect", :action => "internal_redirect"
|
webrat.internal_redirect "/internal_redirect", :action => "internal_redirect"
|
||||||
webrat.external_redirect "/external_redirect", :action => "external_redirect"
|
webrat.external_redirect "/external_redirect", :action => "external_redirect"
|
||||||
|
|
||||||
|
webrat.before_redirect_form "/before_redirect_form", :action => "before_redirect_form"
|
||||||
|
webrat.redirect_to_show_params "/redirect_to_show_params", :action => "redirect_to_show_params"
|
||||||
|
webrat.show_params "/show_params", :action => "show_params"
|
||||||
|
|
||||||
webrat.root :action => "form"
|
webrat.root :action => "form"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -21,8 +21,19 @@ class WebratTest < ActionController::IntegrationTest
|
|||||||
assert field_labeled("Prefilled").value, "text"
|
assert field_labeled("Prefilled").value, "text"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "should not carry params through redirects" do
|
||||||
|
visit before_redirect_form_path
|
||||||
|
fill_in "Text field", :with => "value"
|
||||||
|
click_button
|
||||||
|
|
||||||
|
assert response.body !~ /value/
|
||||||
|
assert response.body =~ /custom_param/
|
||||||
|
end
|
||||||
|
|
||||||
test "should follow internal redirects" do
|
test "should follow internal redirects" do
|
||||||
visit internal_redirect_path
|
visit internal_redirect_path
|
||||||
|
|
||||||
|
assert !response.redirect?
|
||||||
assert response.body.include?("OK")
|
assert response.body.include?("OK")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user